Today’s reminder of the insider threat comes to us from the National Health Service in the U.K. Craig Meighan and Billy Gaddi report:
A woman has been charged after Scots patients had their private medical records accessed during an NHS data breach.
Reports suggest around 100 patients in NHS Lothian could have had their records accessed as a result of the incident.
The health board said it discovered patients in the region may have had their information “inappropriately accessed” during routine monitoring.
[…]
A Police Scotland spokesperson said: “On Tuesday, September 16 2025, we received a report regarding a data breach in the Edinburgh area.
“A woman has been charged in connection, and a report has been submitted to the Procurator Fiscal.”
Read more at Daily Record.
For those wondering why the case would be referred to someone with “Fiscal” in their title: in Scotland, the Procurator Fiscal is the public prosecutor for crimes, and police reports that might lead to prosecution are referred to their office.
There’s no indication in the news report as to what the woman’s motivation might have been. Was this a case of snooping out of curiosity, or did it have some financial motivation, or…? Nor do we yet know for how long this went on.